60 matches found
PT-2026-48628
Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description Gitea fails to enforce OAuth2 access token scopes when a token is submitted via HTTP Basic authentication instead of a Bearer token. This occurs because the authentication process in...
Malicious Package
Overview symphony-core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MiracleLinux 8 : dotnet3.1-3.1.115-1.el8.ML.1 (AXSA:2021-2226:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2226:06 advisory. dotnet: .NET Core single-file application privilege escalation CVE-2021-31204 In order for the update to be complete, self-contained applications deployed...
Malicious Package
Overview vite-next-loggers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-27133
Malicious code in bioql PyPI...
EUVD-2025-27125
Malicious code in bioql PyPI...
XSS-CTFs
XSS-CTFs Contains hands-on XSS test cases from beginner...
CVE-2025-36854
A vulnerability CVE-2024-38229 https://www.cve.org/CVERecord exists in EOL ASP.NET when closing an HTTP/3 stream while application code is writing to the response body, a race condition may lead to use-after-free, resulting in Remote Code Execution. Per CWE-416: Use After Free...
CVE-2025-36855
A vulnerability CVE-2025-21176 https://www.cve.org/CVERecord exists in DiaSymReader.dll due to buffer over-read. Per CWE-126: Buffer Over-read https://cwe.mitre.org/data/definitions/126.html , Buffer Over-read is when a product reads from a buffer using buffer access mechanisms such as indexes or...
CVE-2025-36854
A vulnerability CVE-2024-38229 https://www.cve.org/CVERecord exists in EOL ASP.NET when closing an HTTP/3 stream while application code is writing to the response body, a race condition may lead to use-after-free, resulting in Remote Code Execution. Per CWE-416: Use After Free...
PT-2025-36469
Name of the Vulnerable Software and Affected Versions: .NET 6.0.0 through 6.0.36 .NET 8.0.0 through 8.0.11 .NET 9.0.0 Description: A buffer over-read issue exists in DiaSymReader.dll. This occurs when a product reads from a buffer using buffer access mechanisms that reference memory locations aft...
PT-2025-36468
Name of the Vulnerable Software and Affected Versions: EOL ASP.NET versions 6.0.0 through 6.0.36 EOL ASP.NET versions 8.0.0 through 8.0.8 EOL ASP.NET versions 9.0.0-preview.1.24081.5 through 9.0.0.RC.1 Description: A race condition may occur when closing an HTTP/3 stream while application code is...
Linux Distros Unpatched Vulnerability : CVE-2021-46051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the MediaIsSelfContained function, which could cause a Denial of Service. . CVE-2021-46051 Note tha...
Malicious code in a-vailable-al-bum-file-13575-forts-fsk2p-gmeawq (npm)
The package a-vailable-al-bum-file-13575-forts-fsk2p-gmeawq was found to contain malicious code...
MAL-2025-11955 Malicious code in @zalastax/nolb-haro (npm)
The package @zalastax/nolb-haro was found to contain malicious code...
Exploit for CVE-2025-49113
Roundcube RCE Lab CVE-2025-49113 !Open in GitHub Codespac...
SpeechVerifier: Robust Acoustic Fingerprint against Tampering Attacks Via Watermarking
With the surge of social media, maliciously tampered public speeches, especially those from influential figures, have seriously affected social stability and public trust. Existing speech tampering detection methods remain insufficient: they either rely on external reference data or fail to be bo...
.NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2024-43498 | .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their applicatio...
GHSA-6X36-QXMJ-RV4P .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-43499 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their applications t...
[SECURITY] Fedora 39 Update: rapidjson-1.1.0-41.fc39
RapidJSON is a fast JSON parser and generator for C++. It was inspired by RapidXml. RapidJSON is small but complete. It supports both SAX and DOM style API. The SAX parser is only a half thousand lines of code. RapidJSON is fast. Its performance can be comparable to strlen. It also optionally...